//package com.geese.module.security.core;
//
//import org.springframework.security.access.AccessDecisionManager;
//import org.springframework.security.access.AccessDeniedException;
//import org.springframework.security.access.ConfigAttribute;
//import org.springframework.security.authentication.InsufficientAuthenticationException;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.GrantedAuthority;
//import org.springframework.stereotype.Component;
//import org.springframework.stereotype.Service;
//
//import java.util.Collection;
//import java.util.Iterator;
//
///**
// * Created by Z先生 on 2017/2/21.
// */
////  校验用户的权限是否足够
//@Service
//public class MyAccessDecisionManager implements AccessDecisionManager {
//
//
//    /**
//     * 检查用户是否够权限访问资源
//     * 这里用户的权限是在验证登录的时候加载到缓存中去的
//     * authentication 是从spring的全局缓存SecurityContextHolder中拿到的，里面是用户的权限信息
//     * object 是url
//     * configAttributes 所需的权限
//     * @see org.springframework.security.access.AccessDecisionManager#decide(org.springframework.security.core.Authentication, java.lang.Object, java.util.Collection)
//     */
//    @Override
//    public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
//        if (null == configAttributes || configAttributes.size() <= 0) {
//            return;
//        }
//        ConfigAttribute c;
//        String needRole;
//        for (Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
//            c = iter.next();
//            needRole = c.getAttribute();
//            for (GrantedAuthority ga : authentication.getAuthorities()) {
//                if (needRole.trim().equals(ga.getAuthority())) {
//                    return;
//                }
//            }
//        }
//        throw new AccessDeniedException("no right");
//    }
//
//    @Override
//    public boolean supports(ConfigAttribute configAttribute) {
//        return true;
//    }
//
//    @Override
//    public boolean supports(Class<?> aClass) {
//        return true;
//    }
//}
